CVE-2021-21381 log

Severity Medium
Remote No
Type Sandbox escape
Flatpack since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwarding" feature which can be used by an attacker to gain access to files that would not ordinarily be allowed by the app's permissions. By putting the special tokens `@@` and/or `@@u` in the Exec field of a Flatpak app's .desktop file, a malicious app publisher can trick flatpak into behaving as though the user had chosen to open a target file with their Flatpak app, which automatically makes that file available to the Flatpak app. This is fixed in version 1.10.2.
Group Package Affected Fixed Severity Status Ticket
AVG-1678 flatpak 1.10.1-1 1.10.2-1 Medium Fixed
Date Advisory Group Package Severity Type
13 Mar 2021 ASA-202103-4 AVG-1678 flatpak Medium sandbox escape